CLAIMS 



What is claimed is: 

1. A method of protecting security of a network server from unauthorized content 
contained in a message received by said server from a user, comprising: 

intercepting said message before any content of said message is processed by 
said server; 

examining said message to determine if it contains one or more unauthorized 
elements; 

if it is determined that said message contains an unauthorized element, 
preventing said message received from being processed by said server; 

if it is determined that said message does not contain an unauthorized element, 
allowing said message received to be processed by said server. 

2. The method of claim 1 wherein, if it is determined that said message received 
contains an unauthorized element, preventing said message received from being 
processed by said server, and causing an error notification to be sent to said user. 

3. The method of claim 1 comprising: 

receiving identification of an execution program set to be used to process said 
message received; 

retrieving identification of all message types associated with said execution 
program set; 

examining said message received by said server in relation to said message 
types associated with said execution program set; 

determining if said message received by said server contains an unauthorized 
element in relation to the corresponding message type for said message received; 

preventing a said message received containing an unauthorized element from 
being processed by said server. 

4. The method of claim 3 wherein, if it is determined that said message received 
contains an unauthorized element, causing an error notification to be sent to said user. 

5. A method of protecting security of an Internet network server from unauthorized 
content contained in a message received over the internet by said server from a user, 
comprising: 

intercepting said message before any content of said message is processed by 
said server; 

examining said message to determine if it contains one or more unauthorized 
elements; 

if it is determined that said message contains an unauthorized element, 
preventing said message received from being processed by said server; 

if it is determined that said message received does not contain an unauthorized 
element, allowing said message received to be processed by said server. 

6. The method of claim 5 wherein, if it is determined that said message received 
contains an unauthorized element preventing said message received from being 
processed by said server, causing an error notification to be sent to said user. 

7. The method of claim 5 comprising: 

receiving identification of an execution page to be used to process said 
message received; 

retrieving identification of all message types associated with said execution 
page; 

examining said message received by said server in relation to said message 
types associated with said execution page; 

determining if said message received by said server contains an unauthorized 
element in relation to a corresponding message type for said message received; 

preventing said message received containing an unauthorized element from 
being processed by said server. 



CA9-2001-0020 






8. The method of claim 7 wherein, if it is determined that said message received 
contains an unauthorized element, causing an error notification to be sent to said user. 

9. The method of claim 8 wherein, if it is determined that said message received does 
not contain an unauthorized element, allowing said message received to be processed 
by said server. 

10. The method of claims 1, 5, or 7 wherein said message comprises a name-value 
pair. 

11. The method of claim 10 wherein said element comprises one or more of the 
following items: an instruction, a command, a character, a parameter, a token, or a 
string of any of said previous items. 

12. The method of claim 11 wherein said element is interpretable as an instruction 
or command by said server. 

13. Security control apparatus for controlling the security of a network server from 
unauthorized content contained in a message received from a user of said server 
comprising: 

means for intercepting said message received before any content of said 
message is processed by said server; 

means for examining said message received to determine if it contains one or 
more unauthorized elements; 

means for preventing said message received from being processed by said 
server if it is determined that said message received contains an unauthorized element; 

means for allowing said message received to be processed by said server if it is 
determined that said message received does not contain an unauthorized element. 

14. The apparatus of claim 14 wherein said network server comprises an Internet 
network server and said message is received over the Internet by said server from a 
user. 

15. The apparatus of claim 13 or 14 further comprising means for returning an error 
message to said user. 

16. The apparatus of claim 15, comprising: 

means for receiving identification from said user of an execution page retrievable 
by said server to be used to process said message received; 

means for retrieving identification of message types associated with said 
execution page from facilities associated with said server; 

means for examining said message received by said server in relation to said 
message types associated with said execution page; 

means for determining if said message received by said server contains an 
unauthorized element in relation to a corresponding message type for said message 
received; 

means for preventing said message received containing an unauthorized 
element from being processed by said server. 

17. The apparatus of claim 16 comprising means for allowing said message received 
to be processed by said server if it is determined that said message received does not 
contain an unauthorized element. 

18. The apparatus of claim 17 wherein said message comprises a name-value pair 
and said element is contained by said name-value pair. 

19. The apparatus of claim 18 wherein said element comprises one or more of the 
following items: an instruction, a command, a character, a parameter, a token, or a 
string of any of said previous items. 

20. The apparatus of claim 19 wherein said element is interpretable as an instruction 
or command by said server. 
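
The per-page check recited in claims 7 and 16, applied to name-value pairs as in claims 10 and 18, is sketched below as an added example; it is not code from the patent. The registry, the message type names, their patterns and the page paths are assumptions, since the claims do not define what a message type contains.

```python
import re
from urllib.parse import parse_qsl

# Hypothetical message types: the whole value must match the pattern.
MESSAGE_TYPES = {
    "integer": re.compile(r"[0-9]{1,9}"),
    "token": re.compile(r"[A-Za-z0-9_-]{1,64}"),
    "text": re.compile(r"[^<>'\";`|&$\\\x00-\x1f]{0,200}"),
}

# Hypothetical registry: execution page -> {parameter name: message type}.
PAGE_REGISTRY = {
    "/shop/search": {"q": "text", "page": "integer"},
    "/shop/order": {"item": "token", "qty": "integer"},
}

def examine(page, query_string):
    """Return the reasons a message is unauthorized (empty list if clean)."""
    declared = PAGE_REGISTRY.get(page)
    if declared is None:
        return [f"unknown execution page {page!r}"]
    problems, seen = [], set()
    for name, value in parse_qsl(query_string, keep_blank_values=True):
        if name not in declared:
            problems.append(f"undeclared parameter {name!r}")
        elif name in seen:
            problems.append(f"repeated parameter {name!r}")
        elif not MESSAGE_TYPES[declared[name]].fullmatch(value):
            problems.append(f"{name!r} is not a valid {declared[name]}")
        seen.add(name)
    return problems

def intercept(page, query_string, handler):
    """Run ahead of the execution page: block the message or pass it on."""
    problems = examine(page, query_string)
    if problems:
        # Error notification to the user; the handler never sees the message.
        return 400, "request rejected: " + "; ".join(problems)
    return 200, handler(dict(parse_qsl(query_string, keep_blank_values=True)))

def order_handler(params):
    """Stand-in for the execution page that processes an allowed message."""
    return f"ordered {params['qty']} x {params['item']}"

# Constructed sample messages: clean, bad value, undeclared parameter.
SAMPLES = [
    ("/shop/order", "item=widget-7&qty=2"),
    ("/shop/order", "item=widget-7&qty=2%3B+echo+x"),
    ("/shop/order", "item=widget-7&qty=2&debug=1"),
]
if __name__ == "__main__":
    for page, qs in SAMPLES:
        print(intercept(page, qs, order_handler))
```

Rejecting undeclared and repeated parameters, not only malformed values, keeps the examination tied to the message types registered for the page rather than to a list of known-bad strings.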